projects.info-pull.com— Have a look at the first bug from the MOAB guys. It is a Quicktime bug, with remote arbitrary code execution. Fresh and nice. :-)
Jan 1, 2007View in Crawl 4
And so the fun begins... :)George Ou over at ZDnet also went on o say:"Anyone wishing to confirm the vulnerability in their own Intel-based Macs can click on this test link of a specially crafted QuickTime file that will say "happy new year" though the exploit can be easily modified to do more malicious things like delete all of your photos and documents or encrypt them for ransom.This is the first of many Apple vulnerabilities that will be exposed this month. This exploit is EXTREMELY dangerous because it can be remotely triggered with a malicious email attachment or a specially crafted webpage that will automatically trigger the QuickTime "movie" which is actually not a movie but a malicious payload."<a class="user" href="http://blogs.zdnet.com/Ou/?p=398">http://blogs.zdnet.com/Ou/?p=398</a>
A buffer overflow in a user-level application? I hope they try a little harder than that!Not only does Mac's market share absolutely protect it from the types of exploits that continue to circulate on Windows machines, the Mac market share is further split by platform. It's impossible to write a buffer overflow attack that works on both PPC and Intel platforms.An interesting exercise, but nothing will have changed by the time this month is over, unless Apple somehow captures 90% of the market.
"There has been a conspiracy from Apple to destroy Windows by making it look weak and insecure."I could make a joke about MS sometimes being their own worst enemy, but sometimes the truth isn't funny.
To those anti-Mac loons out there who dugg me down, it's day 2 and the bug is for a third-party app that does not ship with any Mac or any Apple product whatsoever.imcompa laid out what happens if he manages 31 days, and those without rational argument dugg him up because you think it's better to pretend OS X is insecure than it is to admit your own OS might be the worst of the bunch.So, what happens if he doesn't make it 31 days? Sheesh, what happens when he doesn't even make it *two* days? Does that demonstrate the converse? That OS X *is* secure?Of course, many of you will never admit it. You don't have the integrity to accept reality as it is. However, facts don't lie, nor do they change based on the number of diggs.
Magnus, what was your comment in response to? My comment?What did I do to deserve that? The only other post I have on an Apple topic in the last two weeks is bitching about something iTunes does stupid?I'm sorry, if this guy can't stand Mac people, it's his own problem. Are some assh**es? Yes. Are some PC owners assh**es? Yes again.It just feels like random anger to me. I can't figure it out. Why not enjoy your PC instead of hating Macs?
mactardJan 2, 2007
Well said.
xxdesmusJan 2, 2007
And so the fun begins... :)George Ou over at ZDnet also went on o say:"Anyone wishing to confirm the vulnerability in their own Intel-based Macs can click on this test link of a specially crafted QuickTime file that will say "happy new year" though the exploit can be easily modified to do more malicious things like delete all of your photos and documents or encrypt them for ransom.This is the first of many Apple vulnerabilities that will be exposed this month. This exploit is EXTREMELY dangerous because it can be remotely triggered with a malicious email attachment or a specially crafted webpage that will automatically trigger the QuickTime "movie" which is actually not a movie but a malicious payload."<a class="user" href="http://blogs.zdnet.com/Ou/?p=398">http://blogs.zdnet.com/Ou/?p=398</a>
Closed AccountJan 2, 2007
A buffer overflow in a user-level application? I hope they try a little harder than that!Not only does Mac's market share absolutely protect it from the types of exploits that continue to circulate on Windows machines, the Mac market share is further split by platform. It's impossible to write a buffer overflow attack that works on both PPC and Intel platforms.An interesting exercise, but nothing will have changed by the time this month is over, unless Apple somehow captures 90% of the market.
alphamackJan 2, 2007
The exploit can be made to destroy your home directory if someone desired. So being an admin or not wouldn't matter.
macparrotJan 2, 2007
"There has been a conspiracy from Apple to destroy Windows by making it look weak and insecure."I could make a joke about MS sometimes being their own worst enemy, but sometimes the truth isn't funny.
node3Jan 3, 2007
To those anti-Mac loons out there who dugg me down, it's day 2 and the bug is for a third-party app that does not ship with any Mac or any Apple product whatsoever.imcompa laid out what happens if he manages 31 days, and those without rational argument dugg him up because you think it's better to pretend OS X is insecure than it is to admit your own OS might be the worst of the bunch.So, what happens if he doesn't make it 31 days? Sheesh, what happens when he doesn't even make it *two* days? Does that demonstrate the converse? That OS X *is* secure?Of course, many of you will never admit it. You don't have the integrity to accept reality as it is. However, facts don't lie, nor do they change based on the number of diggs.
meatbiproductJan 3, 2007
I'd say a lot of things are 'beyond' his realm.
meatbiproductJan 3, 2007
maybe 2008 will be the year of unfunny jokes?
happyscrappyJan 3, 2007
Magnus, what was your comment in response to? My comment?What did I do to deserve that? The only other post I have on an Apple topic in the last two weeks is bitching about something iTunes does stupid?I'm sorry, if this guy can't stand Mac people, it's his own problem. Are some assh**es? Yes. Are some PC owners assh**es? Yes again.It just feels like random anger to me. I can't figure it out. Why not enjoy your PC instead of hating Macs?